Order of args to an HMAC?

If I send the following response more than once to an untrusted party:

{c, v, HMAC(c + v)}

where c is the same value from response to response.
where v varies from response to response.
where + is a concatenation.

Does having the constant as the start of the HMAC input "weaken" the HMAC?

Is it safer to compute the HMAC with the varying argument first:

{c, v, HMAC(v + c)}

Or perhaps it doesn't matter?

Paul Lambert On BEST ANSWER

It doesn't matter. HMAC is designed specifically to address prefix attacks, among others.
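
The following is an added example, not code from the question or the answer. It builds HMAC from its RFC 2104 definition to show that a key-derived block precedes the message whichever field comes first, and it goes one step beyond the answer by length-prefixing c and v, because plain concatenation leaves the boundary between the two fields ambiguous. SHA-256, the key, the sample values and all function names are assumptions.

```python
import hashlib
import hmac
import struct

BLOCK = 64  # SHA-256 block size in bytes


def hmac_sha256_manual(key: bytes, msg: bytes) -> bytes:
    """HMAC as defined in RFC 2104: H((K ^ opad) || H((K ^ ipad) || msg))."""
    if len(key) > BLOCK:
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    # The first block the hash processes is derived from the secret key, so
    # msg (and any constant c at its start) is absorbed from a secret state.
    inner = hashlib.sha256(ipad + msg).digest()
    return hashlib.sha256(opad + inner).digest()


def frame(*fields: bytes) -> bytes:
    """Length-prefix each field so the c/v boundary is part of the MAC input."""
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)


def make_response(key: bytes, c: bytes, v: bytes, c_first: bool = True):
    """Build {c, v, HMAC(...)} with either field order."""
    fields = (c, v) if c_first else (v, c)
    return c, v, hmac.new(key, frame(*fields), hashlib.sha256).digest()


def verify_response(key: bytes, c: bytes, v: bytes, tag: bytes, c_first: bool = True) -> bool:
    """Recompute the tag and compare in constant time."""
    return hmac.compare_digest(make_response(key, c, v, c_first)[2], tag)


if __name__ == "__main__":
    key = b"constructed-demo-key"          # constructed sample values
    c, v = b"session-42", b"nonce-0001"
    print(hmac_sha256_manual(key, c + v) == hmac.new(key, c + v, hashlib.sha256).digest())
    for c_first in (True, False):
        _, _, tag = make_response(key, c, v, c_first)
        print(c_first, verify_response(key, c, v, tag, c_first))
    # Plain concatenation cannot tell ("ab", "c") from ("a", "bc"); framing can.
    print(b"ab" + b"c" == b"a" + b"bc", frame(b"ab", b"c") == frame(b"a", b"bc"))
```

Both sides must agree on one field order and one framing; either order verifies as long as it is used consistently.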